Skip to content
2,151 standards indexed across 19 jurisdictions View the Atlas
3 hubs live · 3 more in the pipeline See all compliance topics
Daily news + multi-week series Browse all insights
3 tools live · 4 interactive tools in development Roadmap
RG Compliance · Blocking Tools 13 min read Jun 25, 2026

Gambling Blocking Tools: Operator Obligations Across Eight Regulated Jurisdictions

Where regulators now require operators to signpost, fund, or integrate gambling blocking tools — from UKGC consultation history to Michigan's Gamban partnership and Sweden's mandatory API.

Matt Denney

By

Founder, gamingcompliance.io · 15 yrs in iGaming compliance

Published Jun 25, 2026 13 min read Filed Responsible Gambling Compliance

Gambling blocking software occupies an increasingly precise regulatory position: no longer a voluntary industry gesture, but a compliance obligation in several of the world’s major regulated markets, with others closing the gap through enforcement and consultation. The tools themselves range from device-level software that prevents access to all gambling sites (Gamban, GamBlock) to browser-based options with lighter footprints (BetBlocker). What varies by jurisdiction is whether regulators require operators to signpost these tools, fund them, or integrate them at the system level. This article maps the current state of play across eight jurisdictions, using primary regulatory instruments to draw the distinction between hard obligation and emerging expectation.

United Kingdom: Consultation Record and the Path to a Formal Requirement

The UK Gambling Commission has the longest documented regulatory engagement with gambling blocking software of any jurisdiction covered here. In May 2019, the Commission closed a call for evidence on gambling website blocking software alongside its consultation on changes to LCCP social responsibility code provision 3.4.1 (Customer Interaction). The consultation document explicitly considered moving beyond the then-existing soft expectation that operators should signpost blocking software, to a requirement that operators provide access to gambling blocking software free of charge to customers. The call for evidence response was published on 23 December 2020.

The Commission’s 2023 White Paper “High Stakes: gambling reform for the digital age” addressed customer-led tools as a distinct reform stream. The autumn 2023 LCCP and RTS consultation covered socially responsible incentives and customer-led tools, with implementation timelines phased to allow operators to make technical and process amendments. As of the March 2026 LCCP update cycle, remote gambling licensees are required to interact proactively with customers showing signs of harm under SR code 3.4.1, but the Commission has not yet translated its 2019 consultation signal into a named, mandatory free-of-charge blocking software provision in the current LCCP text.

The Commission consulted in 2019 on moving from an “expectation (that operators should signpost blocking software to consumers) so that operators have to provide access to gambling blocking software free of charge to customers.”

Practical position for UKGC licensees: Signposting free tools such as Gamban and BetBlocker in responsible gambling content, account settings, and customer interaction workflows reflects the Commission’s documented direction of travel and is consistent with SR code 3.4.1. Remote gambling licensees should treat a free-of-charge access requirement as a probable near-term LCCP change and build the signposting infrastructure now. Legal counsel should monitor LCCP change tracking for any formal amendment.

Source: UK Gambling Commission, Call for Evidence Response, Gambling Blocking Software, published 23 December 2020, UKGC LCCP SR code 3.4.1 (Customer Interaction); 2023 White Paper autumn consultation response.

Sweden: System-Level Integration, Not Just Signposting

Spelinspektionen’s approach to gambling blocking in Sweden operates at the national register level rather than through named third-party software tools. The Gambling Act (Spellagen 2018:1138), read with the Gambling Regulation (Spelförordningen 2018:1475), requires all holders of a Swedish gambling licence to block access for individuals registered in Spelpaus, the national self-exclusion register. This is an unconditional legal obligation with no operator discretion.

SIFS 2026:3, decided on 23 April 2026 and entering into force on 1 August 2026, formalises the technical implementation layer. Licensees must connect to a newly redesigned API infrastructure using regulator-issued Actor IDs and API Keys. The standard mandates three trigger events for mandatory register checks: before sending direct marketing (via the marketing API), at new player registration, and at each login attempt (via the login API). A check is considered legally complete only when it definitively confirms whether the individual is excluded. Spelpaus registrations exceeded 134,500 as of mid-2026.

This architecture means that Sweden’s blocking obligation extends further than most jurisdictions. Operators cannot rely on a periodic batch reconciliation process. The check is an active, real-time gate at every login and every marketing dispatch. Operators uncertain whether their specific licence category triggers the Chapter 12 §1 registration requirement should seek written clarification from Spelinspektionen before 1 August 2026. A detailed analysis of the SIFS 2026:3 technical requirements is available in our SIFS 2026:3 compliance guide.

Denmark: ROFUS Integration as a Certification Requirement

Denmark’s Spillemyndigheden embeds gambling blocking obligations within its certification programme. Inspection Standards for Online Casino SCP.02.03 v2.0 require that all functions of the gambling system related to self-exclusion, whether temporary or permanent, must inform customers of the possibility of being registered in ROFUS (Spillemyndighedens register over frivilligt udelukkede spillere) and must link to the register.

Under the guidance document for betting and online casino (Vejledning om væddemål og onlinekasino, Version 7.0), licence holders must query ROFUS when creating a new player account and at every subsequent login. A player registered in ROFUS must be refused access to log in. For permanent exclusions, the customer relationship must be terminated. For temporary exclusions, the account is suspended for the exclusion period. Licence holders cannot register a player in ROFUS on the player’s behalf, but they must inform the player of the option and provide access to the register through the Spillemyndigheden website.

In February 2026, Spillemyndigheden published new guidance on responsible gambling targeted at licence holders offering betting and online casino, reinforcing these obligations as the authority prepares operators for the increased compliance intensity that accompanies a World Cup betting period. As of June 2025, more than 60,000 individuals had self-excluded through ROFUS.

Netherlands: Duty of Care and the Cost of Inaction

The KSA (Kansspelautoriteit) governs the Netherlands market under the Remote Gambling Act (Wet kansspelen op afstand, KOA), which became effective for market opening on 1 October 2021. The national self-exclusion system CRUKS (Centraal Register Uitsluiting Kansspelen) is the primary blocking mechanism: operators must check CRUKS before allowing play, register players upon player request, and in some circumstances register players involuntarily when criteria for severe problem gambling are met.

Beyond CRUKS, the KSA has enforced a broader duty-of-care obligation with material financial consequences. In 2025, the KSA fined online gambling operator 711 B.V. €886,000 for failing its statutory duty of care towards players. Following an investigation running from February 2022 to June 2024, the KSA found that 711 did not sufficiently analyse user gambling behaviour, failed to implement suitable intervention measures, and allowed some customers’ habits to deteriorate into substantial financial losses. The KSA reviewed ten customer files selected on the basis of harm indicators including high financial losses, frequent multi-day wagering, and late-night gambling activity, and found regulatory infringements in every case. Across 2025, the KSA fined five licensed operators a combined €8.6 million largely for duty-of-care failures.

“We have seen that not all operators organised the duty of care equally well from the opening of the market.”, Michel Groothuizen, Chair, KSA

Dutch government reform proposals announced in 2025 include further enhancements to CRUKS to enable indefinite exclusion without mandatory deregistration, cross-operator deposit limits with financial capacity testing, and stricter duty-of-care obligations with reduced operator interpretive discretion. The government has also signalled website blocking and payment restriction measures targeting unlicensed operators. Operators seeking to understand the full scope of KSA obligations should consult qualified legal counsel in the Netherlands given the speed of the current reform trajectory.

Ontario (Canada): BetGuard and the Centralised Exclusion Model

The AGCO Registrar’s Standards for Internet Gaming impose a mandatory responsible gambling framework on all registered operators. iGaming Ontario launched BetGuard on 14 May 2026 as a centralised self-exclusion platform covering all licensed online gambling operators in the province. Within two weeks of launch, more than 500 individuals had registered. BetGuard covers 77 gaming websites operated by 44 licensed operators including the Ontario Lottery and Gaming Corporation.

Under the AGCO Registrar’s Standards, operators must implement and follow policies and procedures to identify, prevent, and minimise the risks of harm from gaming (Standard 2.01). Standard 2.13 requires that individuals have the option to take a break in play in addition to a formal self-exclusion programme, with mandatory options spanning one day to three months. Operators must also hold RG Check accreditation, the responsible gambling certification programme audited against standards aligned with those of the Responsible Gambling Council.

The AGCO mandates that operators dedicate at least 0.5% of gross gaming revenue to responsible gambling initiatives. BetGuard does not cover unregulated offshore sites, a limitation that mirrors the position in most jurisdictions, but participation is a non-negotiable condition of registration. Operators found sending marketing to self-excluded BetGuard registrants face enforcement action. For a detailed comparison of Ontario and Alberta’s responsible gambling frameworks, see our AGCO vs AGLC standards comparison.

Michigan (USA): The Regulator as Direct Funder

Michigan stands apart from every other jurisdiction in this analysis. The Michigan Gaming Control Board (MGCB) announced in April 2026 a direct partnership with Gamban under which Michigan residents can apply for Gamban licences free of charge, with terms running from one to five years. The MGCB funds the licences directly rather than routing a funding obligation through licensed operators.

The initiative does not require applicants to be enrolled in Michigan’s existing self-exclusion programme. Any resident seeking to limit their access to online gambling, regulated or unregulated, can apply through the MGCB website. Gamban’s software operates as a cross-device blocking tool preventing access to both regulated and unregulated gambling websites and mobile applications. It is designed to be difficult for users to disable or remove unilaterally, and it connects users to local support resources.

MGCB Executive Director Henry Williams positioned the programme as providing access to people “where cost might otherwise be a barrier.” This model, where the regulator absorbs the cost of blocking software as a public health measure rather than mandating operator funding, represents a distinct regulatory philosophy from the UKGC’s approach of routing the obligation through licensees.

Malta (MGA): Player Protection Directive and the Gap on Named Tools

The MGA’s Player Protection Directive (Directive 2 of 2018), in force since 1 August 2018 under the authority of article 7(2) of the Gaming Act (Cap. 583 of the Laws of Malta), mandates that all B2C licensees offer self-exclusion for both definite and indefinite timeframes. Self-exclusion must be simple and easily accessible. The Directive requires either deposit limits or wagering limits as a mandatory minimum, with both strongly encouraged. Reality checks are mandatory.

Directive 2 of 2018 does not name Gamban, BetBlocker, or GamBlock, and does not impose a specific obligation to signpost or fund third-party blocking software. The MGA FAQ guidance encourages licensees to offer loss limits, time limits, and time-outs beyond the mandatory minimum, and notes that the Authority strongly encourages operators to offer both deposit and wagering limits rather than only one. Enhanced safeguards including blocking software links are treated as recommended best practice for high-risk operators rather than a universal operator obligation.

Operators licensed by the MGA who serve UK-facing markets must also comply with UKGC requirements, creating a layered obligation. Operators who consider an MGA licence sufficient for all markets should take legal advice on the point-of-consumption obligations in each jurisdiction where players are accepted. The full licensing framework is covered in our UKGC vs MGA licence comparison.

France (ANJ): Algorithm-Driven Detection and Interdiction Volontaire

France’s Autorité Nationale des Jeux (ANJ) operates the Interdiction Volontaire national self-exclusion register, which had more than 85,000 active registrations as of recent reporting. French law requires licensees to check player accounts against this register. Operators must not accept a new account registration or allow continued play from a registered individual.

Through its 2024-2026 strategic plan, the ANJ developed an algorithm analysing 23 risk indicators to classify players into recreational, moderate, excessive, and manifestly excessive risk categories. The algorithm identified approximately 600,000 high-risk players in the second half of 2025, generating 60% of France’s online gambling revenue. Around 300,000 were classified as manifestly excessive and represent the ANJ’s primary intervention priority. The ANJ has found that operators detect far fewer cases than the algorithm suggests, indicating systematic failures in operator-side monitoring.

The ANJ’s enforcement posture is sharpening: operators are legally required to implement player protection measures, and the regulator has concluded that “further efforts” are needed beyond current operator practice. The ANJ’s framework focuses on operator behavioural monitoring and intervention obligations rather than routing a specific blocking software requirement through licensees. Operators with significant exposure to high-risk player populations face the prospect of direct regulatory engagement if their detection and intervention systems fall materially short of the algorithm’s benchmarks.

Curaçao (CGA): Enhanced Safeguards for High-Risk Operators

The Curaçao Gaming Authority (CGA), operating under the Landsverordening op de Kansspelen (LOK) which entered into force on 24 December 2024, requires all B2C licensees to implement responsible gaming policies including self-exclusion, cooling-off periods, deposit limits, and reality checks. Each operator must appoint a Responsible Gaming Officer to oversee implementation and submit annual reports to the CGA.

For high-risk operators, specifically those using cryptocurrency, agent systems, or VIP programmes, the CGA’s responsible gaming framework explicitly lists website-blocking software links, including BetBlocker, GamBlock, and Gamban, among the enhanced safeguards that may be required. These are positioned as measures proportionate to the operator’s risk exposure rather than universal requirements. The CGA framework also requires operators to track player behaviour using data analytics or AI to identify high-risk patterns such as frequent deposits, reversed withdrawals, or extended sessions.

Cross-Jurisdiction Comparison

Jurisdiction Regulator Blocking Tool Obligation Named Tools Status
United Kingdom UKGC Signpost, free-of-charge access under consultation Gamban, BetBlocker (consultation) Probable near-term LCCP amendment
Sweden Spelinspektionen Mandatory real-time API check (Spelpaus) at login and marketing Spelpaus national register SIFS 2026:3 effective 1 Aug 2026
Denmark Spillemyndigheden Mandatory ROFUS check at registration and login, link to register ROFUS national register In force (SCP.02.03)
Netherlands KSA CRUKS mandatory, broader duty of care enforceable by fine CRUKS national register In force, reform proposals pending
Ontario, Canada AGCO BetGuard participation mandatory for all registered operators BetGuard centralised platform In force from 14 May 2026
Michigan, USA MGCB Regulator-funded free Gamban licences for residents Gamban Live from April 2026
Malta MGA Self-exclusion mandatory, third-party blocking tools encouraged (high-risk) None named in Directive 2 of 2018 In force, no specific tool mandate
France ANJ Interdiction Volontaire mandatory, algorithm-driven monitoring duty Interdiction Volontaire register In force, enforcement intensifying
Curaçao CGA Enhanced safeguards including blocking tool links for high-risk operators BetBlocker, GamBlock, Gamban (enhanced tier) LOK in force 24 Dec 2024

What Do These Requirements Mean for Multi-Licence Operators?

The practical gap between jurisdictions is narrower than the regulatory text implies. Every jurisdiction in this analysis has moved past the question of whether operators should offer some form of gambling restriction tooling, and towards the question of how robust and mandatory that tooling must be. The divergence lies in three dimensions: whether the obligation is statutory or supervisory, whether it is operator-funded or regulator-funded, and whether it requires integration with a named national system or simply signposting to external tools.

For operators with multi-jurisdictional footprints, the Swedish and Danish models impose the most technically demanding obligations. SIFS 2026:3 and SCP.02.03 require live API integrations at the system architecture level, not compliance policy additions. These obligations belong in the technical specification alongside identity verification and game integrity checks. The KSA’s enforcement record demonstrates that the Netherlands’ duty-of-care standard converts into financial liability without a named tool mandate: operators cannot point to the absence of a specific blocking software requirement as a defence when player harm indicators went unaddressed.

Operators serving UK, Swedish, Danish, and Dutch markets simultaneously should implement a blocking tool signposting layer in account settings and self-exclusion flows covering Gamban, BetBlocker, and GamBlock, maintain live API connections to Spelpaus and ROFUS for those respective markets, and participate in CRUKS and BetGuard for their Netherlands and Ontario player bases. The MGA’s Directive 2 of 2018 floor is self-exclusion and deposit or wagering limits, operators serving only MGA-licensed markets outside the UK face the lightest documented third-party blocking obligation, though this position is evolving as the CGA’s enhanced safeguard expectations and the ANJ’s monitoring algorithm create upward pressure across the industry. The full responsible gambling compliance picture across all regulated jurisdictions is mapped at our Responsible Gambling Compliance hub.

Operator action summary: Map each licensed jurisdiction’s blocking tool obligation against your current system architecture. For Sweden (from 1 August 2026) and Denmark, verify live API connectivity and credential management for Spelpaus and ROFUS respectively. For Ontario, confirm BetGuard integration is complete and tested. For the UK, build free-of-charge blocking tool signposting into responsible gambling flows now. Document all steps. Qualified legal counsel should review the specific technical and contractual implementation in each jurisdiction.

Key Resources

UK Gambling Commission, Call for Evidence Response, Gambling Blocking Software (23 December 2020): gamblingcommission.gov.uk

Spelinspektionen, SIFS 2026:3, National Self-Exclusion Register Technical Requirements (effective 1 August 2026): spelinspektionen.se

Spillemyndigheden, Certification Programme SCP.02.03 Inspection Standards for Online Casino v2.0: spillemyndigheden.dk

MGA, Player Protection Directive (Directive 2 of 2018), Gaming Act Cap. 583: mga.org.mt

AGCO, Registrar’s Standards for Internet Gaming (Standards 2.01, 2.13): agco.ca

Michigan Gaming Control Board, Gamban Partnership Information: michigan.gov

Matt Denney

Matt Denney

Editorial · gamingcompliance.io

Reads the primary source so you don't have to. Fifteen years inside iGaming compliance: operator, supplier, and crown-corporation lottery.

Related coverage · also tagged Responsible Gambling Compliance

Browse all →

Responsible Gambling Compliance

UKGC Financial Vulnerability Checks and FRAs: Thresholds, Timelines, and CRM Trigger Points

Jul 13 · 15 min read

Responsible Gambling Compliance

Single Customer View for RG: Where Cross-Brand Aggregation Is Compulsory in 2026

Jul 11 · 13 min read

Responsible Gambling Compliance

GamCare, BeGambleAware and ANJ Treatment Partners: Operator Integration Obligations in 2026

Jul 4 · 15 min read

The Tuesday brief, every week.

One email. Every regulator change we surface, every standard we re-index, every enforcement decision we read. No marketing, no fluff.

Unsubscribe with one click. We'll never share your address.